Your message dated Fri, 15 Sep 2017 05:19:55 +0000 with message-id <[email protected]> and subject line Bug#875668: fixed in refpolicy 2:2.20161023.1-10 has caused the Debian Bug report #875668, regarding selinux-policy-default: systemd-tmpfiles can't unlink /var/lib/sudo files to be marked as done.
This means that you claim that the problem has been dealt with. If this is not the case it is now your responsibility to reopen the Bug report if necessary, and/or fix the problem forthwith. (NB: If you are a system administrator and have no idea what this message is talking about, this may indicate a serious mail system misconfiguration somewhere. Please contact [email protected] immediately.) -- 875668: https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=875668 Debian Bug Tracking System Contact [email protected] with problems
--- Begin Message ---Package: selinux-policy-default Version: 2:2.20161023.1-9 Severity: normal [ 11.596038] audit: type=1400 audit(1505299976.513:5): avc: denied { unlink } for pid=451 comm="systemd-tmpfile" name="mon" dev="sdb2" ino=2261257 scontext=system_u:system_r:systemd_tmpfiles_t:s0 tcontext=system_u:object_r:pam_var_run_t:s0 tclass=file permissive=0 This happens on boot when processing /usr/lib/tmpfiles.d/sudo.conf -- System Information: Debian Release: 9.1 APT prefers stable APT policy: (500, 'stable') Architecture: amd64 (x86_64) Foreign Architectures: i386 Kernel: Linux 4.9.0-3-amd64 (SMP w/4 CPU cores) Locale: LANG=en_AU, LC_CTYPE=en_AU (charmap=ISO-8859-1), LANGUAGE=en_AU:en (charmap=ISO-8859-1) Shell: /bin/sh linked to /bin/dash Init: systemd (via /run/systemd/system) Versions of packages selinux-policy-default depends on: ii libselinux1 2.6-3+b1 ii libsemanage1 2.6-2 ii libsepol1 2.6-2 ii policycoreutils 2.6-3 ii selinux-utils 2.6-3+b1 Versions of packages selinux-policy-default recommends: ii checkpolicy 2.6-2 ii setools 4.0.1-6 Versions of packages selinux-policy-default suggests: pn logcheck <none> pn syslog-summary <none> -- no debconf information
--- End Message ---
--- Begin Message ---Source: refpolicy Source-Version: 2:2.20161023.1-10 We believe that the bug you reported is fixed in the latest version of refpolicy, which is due to be installed in the Debian FTP archive. A summary of the changes between this version and the previous one is attached. Thank you for reporting the bug, which will now be closed. If you have further comments please address them to [email protected], and the maintainer will reopen the bug report if appropriate. Debian distribution maintenance software pp. Russell Coker <[email protected]> (supplier of updated refpolicy package) (This message was generated automatically at their request; if you believe that there is a problem with it please contact the archive administrators by mailing [email protected]) -----BEGIN PGP SIGNED MESSAGE----- Hash: SHA256 Format: 1.8 Date: Wed, 13 Sep 2017 23:47:21 +1000 Source: refpolicy Binary: selinux-policy-default selinux-policy-mls selinux-policy-src selinux-policy-dev selinux-policy-doc Architecture: source all Version: 2:2.20161023.1-10 Distribution: unstable Urgency: medium Maintainer: Debian SELinux maintainers <[email protected]> Changed-By: Russell Coker <[email protected]> Description: selinux-policy-default - Strict and Targeted variants of the SELinux policy selinux-policy-dev - Headers from the SELinux reference policy for building modules selinux-policy-doc - Documentation for the SELinux reference policy selinux-policy-mls - MLS (Multi Level Security) variant of the SELinux policy selinux-policy-src - Source of the SELinux reference policy for customization Closes: 874201 875668 875669 875676 875681 875726 875727 Changes: refpolicy (2:2.20161023.1-10) unstable; urgency=medium . * Add patch for typebounds. This patch was rejected upstream, to quote Chris PeBenito: NAK. This has already been fixed with the upcoming nnp_transition nosuid_transition permissions in refpolicy. I'm afraid distros will have to carry policy patches until they can roll out kernels that support these permissions. https://marc.info/?l=selinux&m=150151037511601&w=2 Closes: #874201 * Allow systemd-tmpfiles to delete /var/lib/sudo files. Closes: #875668 * Allow brctl to create files in sysfs and correctly label /usr/lib/bridge-utils/.*\.sh Closes: #875669 * Give bootloader_t all the access it needs to create initramfs images in different situations and communicate with dpkg_t. Closes: #875676 * Allow dnsmasq_t to read it's config dir Closes: #875681 * Build-depend and depend on version 2.7 of tools and libraries. * Allow systemd_tmpfiles_t to manage lastlog_t Closes: #875726 * Allow udev_t to talk to init via dbus and get service status in strict configuration Closes: #875727 Checksums-Sha1: b74999476c8290bd13022a9b701bd36e2bbd933a 2481 refpolicy_2.20161023.1-10.dsc 919c4e8369dae9301cbc53fd17eb8ab1371a1bc8 116036 refpolicy_2.20161023.1-10.debian.tar.xz bef5d2e9d1c53c53c07f065fec4da8096b6d0dfb 7824 refpolicy_2.20161023.1-10_amd64.buildinfo e1474ff57d5c56d4afca57b6c41ec5655cd2f0bb 3038020 selinux-policy-default_2.20161023.1-10_all.deb 32609abc0514f0acc9f16cd173ca902bf1c61753 469400 selinux-policy-dev_2.20161023.1-10_all.deb 90afb9a479d55432c062b6fdd6b79ba7d05f50b9 450262 selinux-policy-doc_2.20161023.1-10_all.deb f10c9bc20587f6c51f37d5ddbb33af9fcbb8f2cf 3073796 selinux-policy-mls_2.20161023.1-10_all.deb 596d3a947a1d005bda8de00f0f461e945d068a1f 1255652 selinux-policy-src_2.20161023.1-10_all.deb Checksums-Sha256: c4a16344a37780651aef6252ccc80de43a30759ad1a4de155a38c1e355556488 2481 refpolicy_2.20161023.1-10.dsc e78017997bf1418dad78cf70bd14c9f5b30b054b03b947e90517df4258c9ca39 116036 refpolicy_2.20161023.1-10.debian.tar.xz 92422ea25dbd679097a80397b4a5421436a53a194d636ecb86d5586315b8c193 7824 refpolicy_2.20161023.1-10_amd64.buildinfo 1308334ea3fe20eb6475a1cda8d8dce4d555dc55a1d37be7d9d3f8c2b06eb4c5 3038020 selinux-policy-default_2.20161023.1-10_all.deb 6a0007bf6912edfb7c5eedc3711e64104244c8f42abef33570336c1a5d2454b7 469400 selinux-policy-dev_2.20161023.1-10_all.deb f0342c35b46c5b3900d8deeeff7bf87dbe0eed060c4028142cf5ed48cedd3093 450262 selinux-policy-doc_2.20161023.1-10_all.deb bb8a342882c7f2764bf057f2376c0b3255483ff9783bb265be9d980077b4b3c6 3073796 selinux-policy-mls_2.20161023.1-10_all.deb 6cc353cfb2fc1522efe6fc5403d1023fc0f6b4d13f6fbd916c66fc61c9923c3b 1255652 selinux-policy-src_2.20161023.1-10_all.deb Files: b77fe09ea3904161654607a083caf298 2481 admin optional refpolicy_2.20161023.1-10.dsc f08ac3740dcb61d52a4cfda5710efac3 116036 admin optional refpolicy_2.20161023.1-10.debian.tar.xz df575c10d535bd48c2547b6e58fa6608 7824 admin optional refpolicy_2.20161023.1-10_amd64.buildinfo e406b7f7450a2e52bf7cc2648d734ce5 3038020 admin optional selinux-policy-default_2.20161023.1-10_all.deb daba76c67201be0da2df7790f7d2e535 469400 admin optional selinux-policy-dev_2.20161023.1-10_all.deb 721b1099d495250c9b0679b12e9b7927 450262 doc optional selinux-policy-doc_2.20161023.1-10_all.deb 0b395df9e9e4f70fad15be3797d4e4ff 3073796 admin extra selinux-policy-mls_2.20161023.1-10_all.deb 85fd2022eceb0388306517e78bf338ca 1255652 admin optional selinux-policy-src_2.20161023.1-10_all.deb -----BEGIN PGP SIGNATURE----- iQIzBAEBCAAdFiEEn31hncwG9XwCqmbH0UHNMPxLj3kFAlm7XfAACgkQ0UHNMPxL j3l/0g/+No7hu/luVi4JSyZ9gzY4+/vQj+EaGDqhGuI9KvmhN2/NqDDsf6sYiVnO kGifgtsNzAp97jfEhYwwo7uurY8a98JgtCqIhokZ0fPgRl3mnMGp9f7OPtQazlMr HvC9zK+mfmJhcR5YmwjEvpXZedR5mHBRJIqGQkrmjZ6tP/0fqczCdxgYmGVVzqAe 2TAetKPvbCI0unseZfVdwA7+VdphuWZaSsJoTYJLvWlSS6xROyvErcejXGkGyBA3 B7oRgaVG+d/UDlyWIE+Kk9cg1b17hilmBPbrWjoFiKKkY6BwbPnw2EnyG6tcSugi bO7N1llt0avQkN9BrP5VGsHV0n1gF1PAC6UvBdKYE01f6ifZ615miAEeh19nPVyf CLuyFVS3W/YSVsldYft2VPvCxYMlIGWwY0vlySDbMSXXS0zwuldmwRIYSmaSQhMx wat4PoyKhNlHt4fenZxSlNM7pvDJf6OdxcrXaM4WieBEU8hifJms80pfbp7RSs39 lgTC/OzliMA8NuEM7abuZ64yPFOFB3F8Qj/YGaI5cBfPFv3IGBhLGMB1oqDV0fbL lbjx++v9N5905losR/sM0r5uFv4bML4au0nKAPTKtCvy5Xd9ccp6gPJXzXht4zur UMU5NFz0ZMi1ScA428svP69T4lQkQ3C6R9OlqKyo9jxbMYAdPBg= =6Xz2 -----END PGP SIGNATURE-----
--- End Message ---
_______________________________________________ SELinux-devel mailing list [email protected] http://lists.alioth.debian.org/cgi-bin/mailman/listinfo/selinux-devel
